Single Sign-On
Configuring SSO
It is possible to configure a single-sign-on (SSO) to your applications in OpenIAM. There are two ways of configuring it:
- Federation protocols such SAML 2, oAuth 2, OpenID Connect (OIDC);
- Legacy applications using the reverse proxy.
One of the most used SSO configurations over OpenIAM is using the first option from the list above. The configuring process for SAML, oAuth, OpenID Connect (OIDC) is described in below.
| SSO Method | Description |
|---|---|
| SAML 2 | Security Assertion Markup Language 2.0 (SAML) is a version of the SAML standard for exchanging authentication and authorization identities between security domains. The section also covers the provess of adding s Service Provider to OpenIAM's IDP. |
| oAuth 2 | OAuth 2.0 is the industry-standard protocol for authorization |
| OIDC | OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. |
Controlling access to the application
User can also control the access to particular applications based on a defined workflow.
Access control section helps the user to configure access to applications.